ComputerTimeline

Microsoft is today putting an end to the vulnerability found in old versions of Internet Explorer (6-8) that allowed an attacker to execute harmful code in a target computer, if the user was tricked by a specially crafted website.

Soon after the security hole was found, the software giant quickly made available a temporary workaround in a form of patch that they call “Fix it”. However, the security update released today should permanently close the door, for good, to this issue.

The company reports that only a small number of users have been affected by the exploit, but acknowledges that if could potentially affect more users in the future. Because of its future impact the update has been labeled as “Critical” and it will be installed automatically to all those users who have Automatic Update enabled. Microsoft also is advising users to upgrade to IE9 and 10 when possible to stay even more protected from this particular security hole.

Note that if you previously installed the “Fix it”, you don’t need to uninstall it before applying the new update, but you may want to uninstall the patch after, as it could slowdown IE start-up time.
If you prefer to manually install the Security Update (2799329), you can download it here.

Please watch the video below for an overview of this security update, and you can find more information on the Microsoft Security Bulletin summary webpage.



Source :- www.pureinfotech.com, www.blogs.technet.com

Internet Explorer Logo

Today in a quick response to the matter, Microsoft is rolling out two security updates to resolve the security flaws on Internet Explorer. In this Windows Update the software giant is releasing two patches: The first patch 2744842 (described in Microsoft Security Bulletin MS12-063), permanently fixes the vulnerability on IE7, IE8 and Internet Explorer 9 on Windows XP, Windows 7 and Vista respectively.

The security hole discovered late last weekend, as we mentioned before, could allow malicious users to harm Windows machines by means of spacial design of Flash animation.

The second security update (described in Microsoft Security Advisory 2755801) is to fix the Flash exploit found on Windows 8′s IE10. This was a security issue that could cause Adobe Flash to crash, while allowing unauthorized to the computer. Even though the operating system hasn’t been released, there are already many companies and people developing software with the Release to Manufacture or RTM version — Microsoft plans to make Windows 8 available to the public on October 26th, right after the launch event the day before in New York City.

The patches are now available for Windows 8, Windows 7, Vista and Windows XP via Microsoft’s Windows update service.

Source :- www.pureinfotech.com , Microsoft Security Bulletins

INTERNET EXPLORER LOGO

Days after the newly discovered weakness in Internet Explorer (versions 9, 8, 7 and 6) that could potentially put at risk a massive number of Windows PCs, Microsoft has made available a temporary resolution for the problem in form of a Windows Fix it (kb2757760), also an update scheduled to be released this Friday to permanently path the issue.

The exploit, discovered during the weekend, could allow a malware to bypass security protocols via Flash and affect XP, Vista and Windows 7 machines. In a new article the company stated that there is a fix now for it and it is easy to apply: “This is an easy, one-click solution that will help protect your computer right away. It will not affect your ability to browse the web, and it does not require a reboot of your computer.”

While the fix it (Microsoft Fix it 50939 and 50938) delivers a protection against the security hole, Microsoft recommends to IE users that it is highly important to install the forthcoming security update set for Friday via Windows Update. To get all the steps on how to install Microsoft Fix it for Internet Explorer follow these instructions.

Source :- www.pureinfotech.com

INTERNET EXPLORER LOGO

As you might have heard by now, Internet Explorer 9 down to version 6 are at risk because of a new security flaw – IE10 on Windows 8 has not been affected –. Microsoft has yet to issue a security update, but until then the company is suggesting some options to temporally deal with this bug.
About the new IE bug, well… It is a security hole that was discovered days ago and it could potentially compromise PCs running Windows 7, Vista, XP SP3 and below, if users browse malicious web pages designed to take advantage of this Internet Explorer’s weakness.

In an article from Microsoft Security Advisory the company is offering details about the problem and it is also advising users to protect themselves from this vulnerability until an update for IE is release.

Four different workaround to deal with the bug

What you should always be doing is advice first:

1>> Make sure that you have an antivirus and anti-spyware solution installed and up-to-date, and also make sure that you are using a firewall, either use the one built-in Windows or use a third-party solution.

2>> It is also suggested to install the Enhanced Mitigation Experience Toolkit or EMET from Microsoft. The utility is designed to help protect from weakness in software being easily exploited, by adding an extra layer of security that function as an obstacle that whoever writes the malicious software must bypass first.

3>> Another option is to modify your Internet and Local Intranet security settings to High. If you want to do this. Open Control Panel, in the search box type Internet Options, from the list results open the Internet Properties, navigates to the Security tab and in the “Security level for this zone” position the slider to High for both zones. Click Apply and then OK.

4>> Active Scripting can also be used by setting it to notify in both Local Intranet and Internet. To accomplish this task once again open the Internet Properties and in the Security tab, select the Internet zone, click the Custom Level button. Then scroll down and under the Scripting section, set the Active scripting option to Prompt, and click OK. Remember to do the same for the Local Intranet zone.

According to the company these workarounds could help prevent users from loading websites that can harm their computers with this security hole.

Changing the settings will actively trigger an unpleasant message every time the user stumble upon a web page that make use of the ActiveX control prompting to allow or block the web page. However, you can always opt not to use Internet Explorer, until a fix is release. Options are all around, you can use Google Chrome or Firefox as alternative web browsers among others. This is a pretty easy thing to do if you are a normal user, but the challenge comes when companies depend on IE to access their web applications.

Source :- wwwpureinfotech.com

With no fix available yet, Microsoft has a few words of wisdom for users who don't want to be bit by the newly-discovered bug.

A malware attack exploiting Internet Explorer 9. (Credit: Rapid7)

 Users of Internet Explorer versions 6 through 9 are grappling with another security flaw without a fix, but Microsoft has a few suggestions to help shore up protection.

Uncovered this past weekend, the security hole could compromise the PCs of IE users who surf to a malicious Web site. Microsoft said it's already aware of attacks that have tried to take advantage of this weakness.

Since no fix is yet available, it's up to users of IE to protect themselves. A new Microsoft Security Advisory offers several recommendations.

To start, the usual advice always applies. Make sure you're running updated antivirus and antispyware software and that you're using a firewall, either a third-party utility or the one built into Windows.
You can also install the Enhanced Mitigation Experience Toolkit from Microsoft. EMET tries to ward off attacks on software holes by putting up a wall of security obstacles that the malware writers must circumvent. EMET can be configured specifically for Internet Explorer as well as other applications.
Another option is to push the Internet and local Intranet security settings in IE to "high." To do this, launch Internet Explorer, click the Tools menu, and then select Internet Options. Click the Security tab and then select the Internet zone. Under the Security level for this zone, move the slider to High. Click the Local Intranet zone and again push the Security level to High.

Users can also set Active Scripting to "prompt" in both the Internet and Local Intranet zones. To do this, again select Internet Options from the Tools menu in IE. Click the Security tab. Click the Internet zone and then select Custom Level. Scroll down to the Scripting section and set Active Scripting to Prompt. Repeat the same steps for the Local Intranet zone.

As Microsoft warns, tweaking these settings could prevent access to certain Web sites.
Even changing the setting to "prompt" will trigger an annoying message anytime you hit a Web site that uses ActiveX controls asking if you want to allow or block the site.

Microsoft's own Windows update sites -- *.windowsupdate.microsoft.com and *.update.microsoft.com -- rely on ActiveX control to install available updates.

You can add sites that you trust to the Trusted sites zone through Internet Options. But this can be time-consuming since you have to add them on an individual basis.

As a result, the easiest option is to just not use Internet Explorer, at least not while this exploit remains in the wild. Individual users can switch to Firefox, Chrome, or another browser. Organizations that have standardized on Internet Explorer face a tougher challenge. So the onus now is on Microsoft to fix this hole as quickly as possible.

You can learn more about the security flaw and possible workarounds through Microsoft's Security Advisory.

 Source :- www.cnet.com by Lance Whitney

Window Xp - Screenshot

Today, Tuesday, April 10th, 2012 is the day that Microsoft is ending the mainstream support for Windows Vista after five years of its release, and for Microsoft Office 2007. However, because Windows XP still a big player in the operating system world, all support is set to be terminated in about two years, together with Microsoft Office 2003.

As reported by Ars Technica, the software giant has two stages for the support lifecycle of its products:

• Mainstream: The product gets all sorts of updates, security, stability, fixes, and seldom features.
• Extended: The product only gets security updates and business have to pay for bug fixes.

This means that Windows XP and Microsoft Office 2003 are in the Extended lifecycle until the end of 2014. Windows Vista and Microsoft Office 2007 on the other hand has just joined the Extended stage and their limited support are set to be terminated in early 2017.
For more information, you can visit Microsoft’s lifecycle web page.

Source :-  www.pureinfotech.com

Ten years have passed since Windows XP was first released for general availability, and how much technology has changed since a decade ago. Looking back 10 years in past, I don’t recall streaming all of my music, watching my TV shows right from a laptop wirelessly connected to the internet, or using a flash drive in the camera to take pictures and record HD videos with a device that fits in the palm of my hand; definitely many big changes have happened.

The software giant started developing Windows XP (experience) back in 1999 under the code name Windows Neptune and it took less than 2 years to bring it to the retail stores.

Windows XP was built from the grown up to replace Windows 2000 and Windows ME. This operating system also marked the end of MS-DOS era — for many of you that may not know, previous versions of Windows such as, Windows 98, Windows 95 and Windows 3, used to run on top of MS-DOS, but starting Windows XP the operating system run independently of Microsoft Disk Operating System –.

Here is a short video where Bill Gates, Microsoft Chairman and CEO — at that time– kills MS-DOS.

In Windows XP, Microsoft introduced a new user interface, visual effects, a new theme engine. XP also was shipped bliss default wallpaper from Napa Valley landscape in California. And of course many new features were included like the ability for each user to have their own account.
Windows XP had 3 major updates, service pack 1, 2, 3, that offered tons of fixes and the addition of a number of new features such as, WPA Wi-Fi support, ad blocker for IE6, Firewall, and bluetooth support. The software maker also added the Windows System Center, which was built to alert users of security concerns like, not having an antivirus, configure Windows Updates, disabled Firewall, etc.
This 10 years old operating system dominated the computer market until recently, when Windows 7 finally surpassed its predecessor worldwide usage. But it still a long way to go, Windows 7 is installed on 40.21% of all global desktop computers in the world and Windows XP is in second place with 38.64%, according to StatCounter. Now after many time of postponing, Microsoft is scheduled to end the support of Windows XP and Office 2003 by April, 2014. In this 10 year anniversary Microsoft is also urging users to move to Windows 7.

Microsoft now is in a new quest to reinvent Windows “without compromises” with Windows 8. This is a new operating system that features hundreds of new improvements, a new Start screen that replaces the classic Start menu, designed that is almost a carbon copy of the company’s Windows Phone OS. The software maker is also going to allow application developers to write Metro style apps in almost any language, including HTML, that will interact with the Start screen and the OS. This new redesign also opens the door for Microsoft to finally compete head-to-head with Apple and Google in the tablets market, something that the company could not yet achieve — If you want to learn more about the up coming operating system, check out our Windows 8 spot.

 Check out this infographic to find out more:



Source :- www.pureinfotech.com, www.blogs.windows.com